CVE-2025-3454 - Bypassing Grafana Datasource Proxy API Authentication with a Simple Slash
Grafana is an open-source analytics and monitoring platform, used widely for visualizing data through dashboards. In early 2025, a critical security flaw was discovered in
CVE-2025-49113 - Remote Code Execution in Roundcube Webmail via Authenticated PHP Object Deserialization
CVE-2025-49113 is a critical vulnerability affecting Roundcube Webmail (before version 1.5.10 and 1.6.x before 1.6.11). If you’re running
CVE-2024-7097 - Insecure User Account Creation in WSO2 Products Explained
In June 2024, a major security flaw was uncovered in various WSO2 products—technology used for identity access management and APIs worldwide. This vulnerability, tracked
CVE-2025-4598 - How A Race Condition in systemd-coredump Leaks SUID Process Secrets
A new vulnerability, tracked as CVE-2025-4598, has been discovered in systemd-coredump, the component responsible for collecting and processing core dumps on many modern Linux systems.
CVE-2024-12224 - How Improper Validation in idna (Rust's punycode crate) Opens the Door to Hostname Confusion Attacks
In early 2024, security researchers uncovered a vulnerability—CVE-2024-12224—affecting the idna crate, which is a crucial part of Rust's popular rust-url library.